.png)
Insurance Office of America Data Breach Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Insurance Office of America (IOA) data breach.
If you were affected by the data breach, your sensitive personally identifiable information such as SSN may have been exposed, and you may be eligible for compensation.
About Insurance Office of America (IOA)
Insurance Office of America (IOA) is the fourth largest privately held insurance brokerage in the United States. Founded in 1988, IOA provides insurance and risk management solutions, including property and casualty, employee benefits and personal lines coverage.
The company is headquartered in Longwood, Florida, IOA has grown to employ more than 1,200 people across over 60 offices in the U.S. and the United Kingdom.
What Happened?
On June 30, 2025, IOA discovered that internal systems had been affected by a security incident. The company launched an investigation with external cybersecurity experts.
The investigation determined that between June 25, 2025, and June 30, 2025, an unauthorized party gained access to IOA’s network through a phishing email attack and may have been accessed or acquired certain data stored the system. After a review, IOA confirmed that personal information was involved.
Additionally, a ransomware group known as DAIXIN Team claimed responsibility for the attack and posted about the breach on the dark web on July 2, 2025. They alleged they had obtained more than 100,000 internal documents from IOA.
The breach was reported to the offices of the attorneys general of California, Maine, and New Hampshire, as well as Massachusetts Office of Consumer Affairs and Business Regulation on Jan. 16, 2026. IOA began notifying affected individuals on the same day via written notice.
The Texas Attorney General was notified on Jan. 21, 2026.
The total number of people affected in the United States is 12,913, including 446 in Texas, 111 individuals in Massachusetts, 54 in New Hampshire, and 15 individuals in Maine.
Information Exposed:
- Names
- Addresses
- Dates of birth
- Social Security numbers
- Other PII
Your Rights and Next Steps
If you received a notice from IOA or believe your information may have been compromised, there are important steps you can take to protect yourself:
- IOA is offering 24 months of complimentary credit monitoring services through Epiq. This includes credit monitoring, dark web monitoring, identity restoration assistance and up to $1 million in identity theft insurance.
- You have the right to obtain a free copy of your credit report from each of the nationwide credit reporting agencies once every 12 months.
- Consider placing a fraud alert or security freeze on your credit file. A fraud alert notifies potential creditors to verify your identity before extending credit. A security freeze restricts access to your credit report, making it more difficult for identity thieves to open new accounts in your name.
- Monitor your financial accounts and credit reports for any suspicious activity. If you notice unauthorized transactions or accounts, contact your financial institution and report the fraud immediately.
The written notice you received from IOA includes detailed instructions on enrolling in credit monitoring and additional resources for protecting your information.
You May Be Entitled to Compensation
If you were affected by the IOA data breach, you may be entitled to compensation for the exposure of your personal information. Lawyers are ready to help individuals whose data was compromised seek financial relief and hold responsible parties accountable. Compensation may cover out-of-pocket expenses, time spent addressing the breach, and other damages.
To find out if you qualify and to join a lawsuit, complete the below form.
.svg)